In response to the comments/suggestions made by Will and Kris on yesterday’s post:
The thing I don’t like about the CAPTCHA technique is that it’s impossible to have a good balance between form and function. That is to say, if it works at peak efficiency, then it’s an accessibility nightmare. If it works at peak efficiency for accessibility, then it’s basically useless at thwarting spam.
I also don’t want to make a rule that you can only include one link per post, because sometimes it’s entirely appropriate to post several links. Granted, it’s rare that anyone who isn’t a spammer would need to do that, but you never know.
A great real-world example is on the blog of a friend. In a recent post, she and I were at odds about something, and I was trying to make a point by linking to five different pages that I felt helped support my view. The commenting system that she uses (HaloScan) only allows three links per post (it did politely tell me that I had tripped the spam filter), which meant I had to post two separate comments.
Another method, which wasn’t suggested, is to allow only registered users to post comments. If your blog is hosted at Blogger and you use their built-in commenting system (as I know several of you do), then you have the option to disallow anonymous comments, thereby reducing the amount of comment spam you receive (which runs rampant on Blogger). Again, I am averse to such a system because of the impact it would have on “casual” users. I’ve had the Gravatar option in place for… Um… A while now (how long has it been?), and how many of my users actually have them? Including me, I think it’s about three. Maybe two. How many people do you think would sign up just to be allowed to post a comment?
In all three cases, it becomes a usability issue, insofar as it’s an added layer of bullshit that users have to sift through in order to post a comment, which may lead some users to decide that it isn’t worth the effort (no matter how little effort that is). Although I must admit, requiring users to put some thought into their comments in order to make them “worth it” is probably not a bad thing.
Really what it boils down to is user experience. Do I want a site that’s pleasant and easy to use (no digs about the current state of the site’s pleasantness or pleasantlessness, please), or do I want a site that suspects every user of being a spammer? Do I want a utopian site, or an Orwellian one?
Because my previous paragraph reminded me of it, I’ll wrap this up with the Morning Litany for a Web Server Administrator (an oldie, but a goodie).
“All data is fraudulent.
All communications are attempted hacks.
All clients are thieves.
Technology is only my first line of defense.”0 People like this. Be the first!